Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug 1701422: use port 443 for registry service #259

Closed
wants to merge 1 commit into from
Closed

Bug 1701422: use port 443 for registry service #259

wants to merge 1 commit into from

Conversation

adambkaplan
Copy link
Contributor

Use the default HTTPS port for the internal registry service.
This lets us drop the port when referencing images on cluster.

@adambkaplan
Copy link
Contributor Author

/assign @dmage

@openshift-ci-robot openshift-ci-robot added size/S Denotes a PR that changes 10-29 lines, ignoring generated files. approved Indicates a PR has been approved by an approver from all required OWNERS files. labels Apr 22, 2019
dmage
dmage reviewed Apr 23, 2019
View reviewed changes
pkg/operator/controller.go Outdated
@@ -66,6 +66,10 @@ func NewController(kubeconfig *restclient.Config) (*Controller, error) {

p := parameters.Globals{}

p.Service.Name = imageregistryv1.ImageRegistryName
p.Service.Port = 443
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Having this as a parameter may give wrong feeling that this a parameter that can be changed. But at the same time we have fmt.Sprintf("%s.%s.svc", svc.Name, svc.Namespace) that makes this value impossible to change without additional modifications. It worth mention that we rely on the fact that this port is the default port Docker.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can drop this (in which case I can drop the TargetPort as well, since that should be the port on the container)

@adambkaplan
Bug 1701422: use port 443 for registry service
c5ea07c 
Use the default HTTPS port for the internal registry service.
This lets us drop the port when referencing images on cluster.
@openshift-ci-robot openshift-ci-robot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Apr 23, 2019
adambkaplan
adambkaplan commented Apr 23, 2019
View reviewed changes
test/framework/imageregistry.go
return false, fmt.Errorf("expected internal registry hostname %s; got %s",
"image-registry.openshift-image-registry.svc",
cfg.Status.InternalRegistryHostname)
}
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fail fast if the internal registry host name doesn't match what we expect.

@dmage
Copy link
Contributor

dmage commented Apr 23, 2019

/lgtm

@openshift-ci-robot openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label Apr 23, 2019
@openshift-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: adambkaplan, dmage

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

7 similar comments
@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@pweil-
Copy link

pweil- commented Apr 24, 2019

/retest

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@adambkaplan
Copy link
Contributor Author

/hold

Not clear why we are consistently failing

@openshift-ci-robot openshift-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Apr 24, 2019
@adambkaplan adambkaplan mentioned this pull request Apr 24, 2019
Merged
@dmage
Copy link
Contributor

dmage commented Apr 25, 2019

/retest

1 similar comment
@dmage
Copy link
Contributor

dmage commented Apr 25, 2019

/retest

@adambkaplan
Copy link
Contributor Author

/hold cancel

@openshift-ci-robot openshift-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Apr 26, 2019
@adambkaplan
Copy link
Contributor Author

/retest

@adambkaplan
Copy link
Contributor Author

got past the auth issue, now seeing a service name collision on imagestream tag import:

STEP: trying to tag a docker image below limit map[openshift.io/image-tags:{{0 0} {<nil>} 0 DecimalSI}]
Apr 26 16:44:41.848: INFO: Running 'oc import-image --config=/tmp/configfile546157238 --namespace=e2e-test-limitrange-admission-ls5dk stream:dockerimage --confirm --insecure --from image-registry.openshift-image-registry.svc:5000/e2e-test-limitrange-admission-ls5dk/src@sha256:90adb61c4cefbfc6de612caff4c5d964bba789cc3244ccc50cdd3603041ef9d0'
error: tag  failed: Internal error occurred: Get http://image-registry.openshift-image-registry.svc:5000/v2/: dial tcp 172.30.138.105:5000: connect: no route to host
imagestream.image.openshift.io/stream imported with errors

Name:			stream
Namespace:		e2e-test-limitrange-admission-ls5dk
Created:		Less than a second ago
Labels:			<none>
Annotations:		openshift.io/image.dockerRepositoryCheck=2019-04-26T16:44:47Z
Image Repository:	image-registry.openshift-image-registry.svc/e2e-test-limitrange-admission-ls5dk/stream
Image Lookup:		local=false
Unique Images:		0
Tags:			1

dockerimage
  tagged from image-registry.openshift-image-registry.svc:5000/e2e-test-limitrange-admission-ls5dk/src@sha256:90adb61c4cefbfc6de612caff4c5d964bba789cc3244ccc50cdd3603041ef9d0
    will use insecure HTTPS or HTTP connections

  ! error: Import failed (InternalError): Internal error occurred: Get http://image-registry.openshift-image-registry.svc:5000/v2/: dial tcp 172.30.138.105:5000: connect: no route to host
      Less than a second ago
STEP: waiting for an is importer to import a tag dockerimage into a stream stream

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

9 similar comments
@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@adambkaplan
Copy link
Contributor Author

/hold

@openshift-ci-robot openshift-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Apr 27, 2019
@adambkaplan adambkaplan mentioned this pull request Apr 29, 2019
Merged
@openshift-ci-robot
Copy link
Contributor

@adambkaplan: The following tests failed, say /retest to rerun them all:

Test name Commit Details Rerun command
ci/prow/e2e-aws c5ea07c link /test e2e-aws
ci/prow/e2e-aws-image-registry c5ea07c link /test e2e-aws-image-registry
ci/prow/e2e-aws-upgrade c5ea07c link /test e2e-aws-upgrade

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@lberk lberk mentioned this pull request May 1, 2019
Open
@adambkaplan
Copy link
Contributor Author

Per thread in aos-devel, we don't plan on landing this until 4.2

@wewang58 wewang58 mentioned this pull request May 5, 2019
Closed
@dmage dmage added this to the 4.2 milestone May 6, 2019
@openshift-ci-robot
Copy link
Contributor

@adambkaplan: PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci-robot openshift-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label May 11, 2019
@adambkaplan
Copy link
Contributor Author

/close

Replaced by #322

@openshift-ci-robot
Copy link
Contributor

@adambkaplan: Closed this PR.

In response to this:

/close

Replaced by #322

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dmage dmage dmage left review comments

@coreydaley coreydaley Awaiting requested review from coreydaley

Assignees

@dmage dmage

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. lgtm Indicates that a PR is ready to be merged. needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
4.2
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@adambkaplan @dmage @openshift-ci-robot @openshift-bot @pweil-